Malware Domain List

Malware Related => Malicious Domains => Topic started by: Amishrabbit on July 08, 2011, 08:06:52 pm

Title: ZeroAccess / Max++ rootkit CnC domains
Post by: Amishrabbit on July 08, 2011, 08:06:52 pm
Referenced in the blog post at http://blog.webroot.com/2011/07/08/zeroaccess-rootkit-guards-itself-with-a-tripwire/

The rootkit uses a domain name generation algorithm that rotates its command-and-control domains once a day. The researchers at Webroot reversed this mechanism and have generated the domains the rootkit will use for the rest of July and August, by which time, no doubt, there will be a new variant which no longer uses the same mechanism.

Code: [Select]
8/7 : http://jajhlvkw.cn
9/7 : http://iyncifls.cn
10/7 : http://pnwjogba.cn
11/7 : http://ljiditu.cn
12/7 : http://iivxhdcd.cn
13/7 : http://moayuetc.cn
14/7 : http://ojntarqg.cn
15/7 : http://kpdkycsf.cn
16/7 : http://zovysnen.cn
17/7 : http://wiaxzchu.cn
18/7 : http://spnkaamy.cn
19/7 : http://xjdtnqie.cn
20/7 : http://cyjcfwci.cn
21/7 : http://nanhtzzk.cn
22/7 : http://qjwddxep.cn
23/7 : http://anijrsfi.cn
24/7 : http://frvhydef.cn
25/7 : http://vdacaehg.cn
26/7 : http://tgnjurmc.cn
27/7 : http://gvddhcid.cn
28/7 : http://eajxiv.cn
29/7 : http://dnnyofza.cn
30/7 : http://cxwtiges.cn
31/7 : http://rwikltfw.cn
1/8 : http://qaenlilh.cn
2/8 : http://njhiikba.cn
3/8 : http://cneeooub.cn
4/8 : http://xoisuico.cn
5/8 : http://sicbhjtm.cn
6/8 : http://wpzgylqj.cn
7/8 : http://zjmoapsl.cn
8/8 : http://rafbdekt.cn
9/8 : http://cnesralv.cn
10/8 : http://dxhofbbe.cn
11/8 : http://ewegtyur.cn
12/8 : http://grinahcq.cn
13/8 : http://tdcnnntn.cn
14/8 : http://vgzesuqz.cn
15/8 : http://fvmizjsx.cn
16/8 : http://bdinaiel.cn
17/8 : http://yrcnyjhj.cn
18/8 : http://evzihlmm.cn
19/8 : http://agmeupio.cn
20/8 : http://unfsomcb.cn
21/8 : http://jaebiiza.cn
22/8 : http://hwhglkeh.cn
23/8 : http://nxeoiofj.cn
24/8 : http://kiibzhex.cn
25/8 : http://oocssnhz.cn
26/8 : http://mjzonumn.cn
27/8 : http://ipmgajiq.cn
28/8 : http://lafntecr.cn
29/8 : http://pyenfaze.cn
30/8 : http://inherbev.cn
31/8 : http://jjeidyft.cn